CVE-2025-64446
- Source
- https://cve.org/CVERecord?id=CVE-2025-64446
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-64446.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-64446
- Published
- 2025-11-14T16:15:58.567Z
- Modified
- 2026-03-13T03:38:24.445611Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests.
- References
Affected packages
Git /
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-64446.json"
unresolved_ranges
[
{
"events": [
{
"introduced": "7.0.0"
},
{
"fixed": "7.0.12"
}
]
},
{
"events": [
{
"introduced": "7.2.0"
},
{
"fixed": "7.2.12"
}
]
},
{
"events": [
{
"introduced": "7.4.0"
},
{
"fixed": "7.4.10"
}
]
},
{
"events": [
{
"introduced": "7.6.0"
},
{
"fixed": "7.6.5"
}
]
},
{
"events": [
{
"introduced": "8.0.0"
},
{
"fixed": "8.0.2"
}
]
}
]